CN108830602B - Permission chain construction and management and control method based on chameleon hash function - Google Patents
Permission chain construction and management and control method based on chameleon hash function Download PDFInfo
- Publication number
- CN108830602B CN108830602B CN201810675840.6A CN201810675840A CN108830602B CN 108830602 B CN108830602 B CN 108830602B CN 201810675840 A CN201810675840 A CN 201810675840A CN 108830602 B CN108830602 B CN 108830602B
- Authority
- CN
- China
- Prior art keywords
- block
- chain
- hash
- management
- transaction record
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3827—Use of message hashing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
- G06Q20/06—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
- G06Q20/065—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
Abstract
The invention discloses a permission chain construction and control method based on chameleon hash function, relating to the technical field of network security and comprising the following steps: step 1, defining a chain management and control mechanism and initializing a permission chain according to the chain management mechanism; step 2, packaging the transaction records of the blocks in the network to form new blocks, and adding the new blocks into the permission chain; and 3, monitoring the blocks in the permission chain according to a chain control mechanism, and controlling the blocks which do not conform to the chain control mechanism. The invention realizes the overall real-time monitoring of malicious information and error transaction information on the block by the whole node, any access node can report the error block to the verification node, the control of the verification node on the whole permission chain is realized by constructing the permission chain, the control of the permission chain network is realized under the environment of partial decentralization, all the verification nodes effectively modify the block by calculating chameleon Hash collision and DBFT consensus, and the safety and the controllability of the permission chain are realized.
Description
Technical Field
The invention relates to the technical field of network security, in particular to an admission chain construction and control method based on a chameleon hash function.
Background
The concept of blockchains was first formally proposed in 2008 and can be used to implement public ledgers and unalterable transaction records in a decentralized environment. Technically, the blockchain is often divided into an unlicensed (permitted) chain and a licensed (permitted) chain. The unlicensed chain is also called a public chain, and means that any node can participate in auditing and verification of the block under a completely decentralized environment represented by bitcoin. The permission chain comprises a alliance chain and a private chain, and means that only a part of verification nodes are authorized to participate in a verification audit block, and the characteristics are partial decentralization. Most commercial applications today are still based on a chain of permissions, in the financial industry for example, where the identity of any participating node in the chain is known (e.g., to a financial institution). This is because banks refuse to transact with any unauthorized party, and thus, a public chain open to any node is clearly not able to meet the needs of financial services.
From the perspective of law, the virtual currency and block chain system represented by the bit currency endows each node with fairness, anonymity and non-tamper property, and forms a grey zone which cannot be monitored by law, so that terrorism, crimes and financial order damage are generated as a result, which cannot be tolerated. Therefore, there is a need for a mechanism that allows the blockchain to modify illegal content or erroneous transaction information within a reasonable range. Furthermore, the mechanism must be satisfactory for efficient feasibility, rather than at the expense of blockchain forking, such as the well-known ethernet currency DAO event. In order to efficiently modify the content of the blockchain block, a Chameleon Hash function (Chameleon Hash) is used. In 2016, Atenise et al in RedacteableBlokchain, proposed an editable blockchain technique based on chameleon hash functions, however this approach was far from practical because it only proposed the idea of editing blocks, and many key problems were not addressed, including: (1) how to construct the block chain; (2) how to edit transaction records for the blocks; (3) how to define the editing strategy or logic of the blockchain; (4) what consensus algorithm to use, etc.
Disclosure of Invention
The invention aims to: in order to solve the problems that crimes and financial order are damaged due to the fact that law cannot be supervised and the like caused by the fact that illegal contents or wrong transaction information in a license chain cannot be modified, a license chain structure and a management and control method based on a chameleon hash function are provided.
The technical scheme adopted by the invention is as follows:
a permission chain construction and management and control method based on chameleon hash function comprises the following steps:
step 1, defining a chain management and control mechanism and initializing a permission chain according to the chain management mechanism;
step 2, adding a new block into the permission chain;
and 3, monitoring the blocks in the permission chain according to a chain control mechanism, and controlling the blocks which do not conform to the chain control mechanism.
Further, the chain management and control mechanism comprises a block format and a block management and control condition, wherein the block format comprises a block head and a block body, and the block head comprises a version number version, a hash value pre-hash of a previous block, a random number nonce, a workload proof difficulty value complex, a timestamp, a Merkle hash tree root, a chameleon random number r and a chameleon hash value g; the block body includes a transaction record set tran-set composed of a plurality of transaction records.
Further, the block control condition is a standard for distinguishing normal blocks from abnormal blocks, and a block meeting any requirement of the block control condition is marked as an abnormal block; the block management condition includes: (1) related to national security and cyberspace security; (2) related to illegal discipline and terrorism; (3) significant privacy leaks about individuals or units; (4) about false or erroneous transactions; (5) errors due to human or machine errors.
Further, in step 1, the specific steps of initializing the license chain are as follows:
step 1.1, selecting an anti-collision hash function H and a chameleon hash function G;
step 1.2, accessing nodes into the permission chain, and selecting partial nodes as verification nodes;
step 1.3, calculating according to a chameleon hash function G to obtain a hash key hk and a hash threshold tk, splitting the hash threshold tk into fragments according to the number of selected verification nodes, and mastering one fragment by all the verification nodes;
step 1.4, defining a CH-POW algorithm for calculating the hash value of the block according to the block format, the collision-resistant hash function H, the chameleon hash function G, the hash key hk and the hash limit tk;
step 1.5, generating a creating block through a chain management and control mechanism, an anti-collision Hash function H, a chameleon Hash function G, CH-POW algorithm and a DBFT algorithm.
Further, the chain management mechanism further includes a block management operation, and the method of the block management operation includes: the DBFT algorithm is executed and manages the content within the exception block in conjunction with all verification nodes.
Further, the specific steps of step 2 are as follows:
step 2.1, calculating a nonce value of the verification node according to a CH-POW algorithm;
step 2.2, according to the nonce value of any verification node, packaging the transaction records of the block in the network within a period of time to form a new block;
step 2.3, checking the correctness of the new block through the verification node, and if the check is passed, adding the new block to the tail part of the permission chain; if the check fails, the new block is discarded.
Further, the chameleon hash function G includes three sub-algorithms, which are:
(1) the key generation algorithm: inputting a security parameter a, and outputting a hash key hk and a hash limit gate tk;
(2) chameleon hash algorithm: inputting a hash key hk, a random number r and a message m with any length, and outputting a color-changing hash value g;
(3) and (3) collision algorithm: inputting the color-changing hash value g, the hash limit gate tk and a message m 'with any length, and outputting a random number r'.
Further, the specific steps of step 3 are as follows:
step 3.1, generating a new transaction record set tran-set 'according to the transaction record set tran-set of the abnormal block, transmitting the request modification content containing the transaction record set tran-set' in the network, and entering step 3.2;
step 3.2, the verification node receives the modification request content, judges whether the modification request content is legal or not according to the link control mechanism, and if the modification request content is legal, the step 3.3 is carried out; if not, discarding the modification request content;
step 3.3, voting is carried out on all verification nodes according to the DBFT algorithm, and if all verification nodes can achieve consensus, the step 3.4 is carried out; if all verification nodes can not achieve consensus, discarding the modification request content;
3.4, all verification nodes participate in the calculation of the chameleon hash function G together according to the grasped hash threshold tk fragments, and the solution is recorded as r', and the step 3.5 is carried out;
and 3.5, all verification nodes take each transaction record in the transaction record set tran-set ' as a leaf node, calculate the root node root ' of the Merkle hash tree, search a corresponding target block on the permission chain according to r ' and the root ', and replace a corresponding value in the abnormal block by using r ', the root ' and the tran-set '.
Further, the chain management and control mechanism further includes a management and control requirement, where the management and control requirement includes that each transaction record in the modified transaction record set tran-set' needs to satisfy all the following requirements: (1) each transaction record is correct and credible; (2) each transaction record does not result in double flowers; (3) each transaction record does not cause the balance of the user account to be negative; (4) each transaction record 'in transaction record set tran-set'i(i is more than or equal to 1 and less than or equal to n) is input as a leaf node, and an output value root' obtained by calculating the Merkle hash tree is the same as a root value before modification; the management and control requirements further include that the modified block should satisfy each of the following requirements: (1) the permission chains remain consistent; (2) the parameters of the modified block must be correct.
Further, the method for supervising the blocks in the admission chain according to the chain management mechanism comprises the following steps: and writing a chain control mechanism into an intelligent contract, periodically checking whether blocks in the network accord with a block control condition or not by the intelligent contract, and if a certain transaction record in a transaction record set of any block in the network accords with the block control condition, determining the block which accords with the block control condition as an abnormal block.
In summary, due to the adoption of the technical scheme, the invention has the beneficial effects that:
1. in the invention, the overall real-time monitoring of malicious information and wrong transaction information on the blocks by the whole node is realized by defining a chain control mechanism, any common node (namely an access node) can report wrong blocks to a verification node, the control of the whole permission chain by a plurality of verification nodes is realized by constructing the permission chain, the control of the permission chain network is realized under the environment of a weak center (or called partial decentralization), all the verification nodes effectively modify the blocks by calculating a chameleon Hash collision algorithm and a DBFT algorithm, and the safety and the control characteristics of the permission chain are realized.
2. In the invention, the permission chain is reinitialized by defining the chain control mechanism, and the blocks in the permission chain are supervised according to the chain control mechanism, so that the blocks which do not conform to the chain control mechanism are controlled, the blocks in the permission chain are controlled dynamically and efficiently, and the safety of the permission chain is improved.
3. In the invention, the workload certification (CH-POW) algorithm based on the chameleon hash function is used as the consensus algorithm for block confirmation, and the transaction records in the block are legally modified, so that the data controllability is efficiently realized, and the safe operation of the license chain is ensured.
4. In the invention, a chain management and control mechanism is written into an intelligent contract, and a Byzantine fault tolerant (DBFT) algorithm is used as a consensus algorithm for block modification, so that efficient mechanism controllability is realized by verifying node voting.
5. In the invention, a dynamic access mechanism of the verification node is realized through a verification node list and a DBFT algorithm which are dynamically maintained by a chain administrator, so that the controllability of the verification node is realized.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present invention and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained according to the drawings without inventive efforts.
FIG. 1 is a schematic overall flow chart of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the detailed description and specific examples, while indicating the preferred embodiment of the invention, are intended for purposes of illustration only and are not intended to limit the scope of the invention. The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
It is noted that relational terms such as "first" and "second," and the like, may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
Example 1
The invention provides a chameleon hash function-based license chain construction and management and control method, which comprises the following steps:
step 1, defining a chain management mechanism and initializing a permission chain according to the chain management mechanism.
And 2, adding a new block into the permission chain.
And 3, monitoring the blocks in the permission chain according to a chain control mechanism, and controlling the blocks which do not conform to the chain control mechanism.
The chain management mechanism includes a block format and a block management condition. The block format includes a block header and a block body, and the block size is 1M. The block head comprises version number version, hash value pre-hash of the previous block, random number nonce, workload proof difficulty value complex, timestamp, Merkle hash tree root, chameleon random number r and chameleon hash value g; the block body comprises a transaction record set tran-set consisting of a plurality of transaction records, and the transaction record set is represented by the following form: tran _ set ═ recordi}1≤i≤nWherein i represents the subscript of each transaction record in the transaction record set, and n represents the number of transaction records in the transaction record set. The block control condition is a criterion for distinguishing a normal block from an abnormal block, and includes: (1) related to national security and cyberspace security; (2) related to illegal discipline and terrorism; (3) significant privacy leaks about individuals or units; (4) about false or erroneous transactions, such as: whether it causes Double blossom (Double painting), whether it causes the account balance to be negative; (5) errors due to human or machine errors, such as: account number error, transaction time error. If one transaction record in the transaction record set of any block in the network meets the block control condition, the block meeting any requirement in the block control condition is marked as an abnormal block.
In step 1, the specific steps of initializing the license chain are as follows:
and 1.1, selecting an anti-collision hash function H and a chameleon hash function G. And the selected anti-collision hash function H is the system hash function. The chameleon hash function G includes three sub-algorithms, which are:
(1) key generation (GKeyGen) algorithm: inputting a security parameter a, outputting a hash key hk and a hash limit gate tk.
(2) Chameleon hash (Ghash) algorithm: inputting a hash key hk, a random number r and a message m with any length, and outputting a color-changing hash value g.
(3) Collision (Gcol) algorithm: inputting the hash value g, the hash limit gate tk and a message m 'of any length, and outputting a random number r', so that Ghash (m ', hk, r') is g.
And step 1.2, accessing nodes into the permission chain, and selecting partial nodes as verification nodes.
Firstly, a chain administrator accesses nodes to join a network through a set of identity authentication mechanism, and selects part of the nodes as authentication nodes, and the rest of the nodes as access nodes. The verification node has the right to audit and verify the block, and the access node is used for reading the content on the permission chain. Then, the chain administrator saves the node lists of all the verification nodes and maintains the node lists for the node dynamic admission mechanism in real time.
And 1.3, calculating according to a key generation algorithm to obtain a hash key hk and a hash threshold tk, splitting the hash threshold tk into fragments according to the number of the selected verification nodes, and mastering one fragment by all the verification nodes.
The chain administrator selects a security parameter a as input, and executes a key generation algorithm to obtain a public hash key hk and a hash threshold tk. And disclosing the hash key hk, splitting the hash limit gate tk into a plurality of fragments in a threshold secret sharing mode, and safely sending the fragments to all verification nodes, so that each verification node can master one part of the hash limit gate tk.
And step 1.4, defining a CH-POW (workload certification based on the chameleon hash function) algorithm for calculating the hash value of the block according to the block format, the collision-resistant hash function H, the chameleon hash algorithm Ghash, the hash key hk and the hash limit tk. The calculation formula of the CH-POW algorithm is as follows:
h=H(version‖pre hash‖nonce‖complex‖Ghash(tran set‖root‖timestamp,hk,r))
the method comprises the steps of obtaining a system hash function H, obtaining a chameleon hash algorithm Ghash by using a hash table, obtaining a version number of a block by using a version set of the block, obtaining a hash value of a previous block by using a hash table, obtaining a hash value of the previous block by using a hash table, obtaining a workload certification difficulty value by using a hash table, obtaining a hash value of the block, and obtaining a public hash key hk by using the hash value hk. Wherein, the difficulty value is automatically adjusted by the system according to the difficulty of ore excavation; the chameleon random number is used as the initial stage of block generation, and the nodes are randomly generated. Any node repeatedly executes the CH-POW algorithm as its proof of workload. Calculating the hash value h of the block by repeatedly selecting the nonce through the verification node is a process of mining, and when the obtained hash value h meets the target value requirement of the workload certification (for example, the target value is a plurality of hash values starting from 0), a mine is mined, and the nonce is a solution of the workload certification of the node.
The chain management mechanism further comprises a block management operation and a management requirement, and the method of the block management operation comprises the following steps: and executing a DBFT algorithm and combining all verification nodes to modify any transaction records in the abnormal block, and modifying a Merkle hash tree root and a timestamp corresponding to the abnormal block. The regulatory requirements include that each transaction record in the modified transaction record set tran-set' needs to satisfy all of the following requirements: (1) each transaction record is correct and credible, namely, both transaction parties sign the confirmed transaction; (2) each transaction record does not result in Double blossom (Double painting), i.e. the same money is used for two transactions; (3) each transaction record does not cause the balance of the user account to be negative; (4) each transaction record 'in transaction record set tran-set'iAnd (i is more than or equal to 1 and less than or equal to n) is input as a leaf node, and the output value root' obtained by calculating the Merkle hash tree is the same as the root value before modification. The control requirement further includes that the modified block should satisfy each of the following requirements: (1) the permission chain keeps consistency, namely after the abnormal block is modified, the hash value h' of the abnormal block is the same as the hash value of the block before modification; (2) the parameters of the modified block must be correct, namely: version, pre-hash, nonce, complex and old block should keep consistency, root ', tran-set ' and timestamp ' should be modified values.
Step 1.5, generating a creating block through a chain management and control mechanism, an anti-collision Hash function H, a chameleon Hash function G, CH-POW algorithm and a DBFT algorithm.
Writing a DBFT (Byzantine Fault tolerance) algorithm, a CH-POW algorithm, an anti-collision hash function H, a chameleon hash function G, a chain management and control mechanism, a pointer pointing to a verification node list dynamically maintained by a chain manager, a timestamp, a version number and a created hash value into a created block. The created hash value is set by the system, and the values of the timestamp and the version number are filled in by the node. When a new node is authorized by the chain administrator, the chain administrator updates the verification node list and hands fragments mastered by the cancelled verification node to the new node, so that a dynamic access mechanism of the verification node is realized. After the created block is generated, the chain administrator broadcasts the created block in the network.
The specific steps of step 2 are as follows:
and 2.1, repeatedly executing the CH-POW algorithm by the verification node to find a nonce value meeting the workload certification requirement.
And 2.2, packaging the transaction records of the blocks in the network within a current period of time to form a new block according to the nonce value of any verification node.
According to the nonce value calculated by the verification node and the format of the created block, the transaction records in the network within a current period of time are packaged and filled into a new block, the transaction record set integrated with each transaction record is placed in the block body, the calculated nonce value is placed in the block head, and the new block is spread in the network. The transaction record formed by packaging contains the transaction information of the users in the network in the current period of time, and additionally contains a commission fee, and the blocks with higher commission fee can be confirmed as soon as possible.
Step 2.3, checking the correctness of the new block through the verification node, and if the check is passed, adding the new block to the tail part of the permission chain; if the check fails, the new block is discarded.
Any verification node may verify the correctness of the new block, including but not limited to: (1) correctness of transaction signature; (2) whether the discolour hash value g of the block satisfies g ═ Ghash (tran set | root | timemap | hk | r); (3) and judging whether the hash value h of the block is correct or not, namely judging whether the hash value obtained by calculating the content contained in the block is consistent with the hash value in the block header or not. If the verification is passed, adding the new block to the tail part of the permission chain, and meanwhile, continuously searching a nonce value meeting the target value requirement of the workload certification by the verification node, namely continuously digging the mine behind the block by the verification node; if the check fails, the new block is discarded.
When two or more verification nodes find different nonces which meet the requirement of workload certification, the permission chain is forked and still follows the principle of long-chain optimization. Namely: individual verification nodes may choose to continue mining after any of their issued blocks, but the system only follows the longest chain. Thus, if there are fewer blocks following a certain verification node, the fork is automatically discarded.
In step 3, the method for supervising the blocks in the admission chain according to the chain management and control mechanism comprises: and writing a chain control mechanism into an intelligent contract, periodically checking whether blocks in the network accord with a block control condition or not by the intelligent contract, and if a certain transaction record in a transaction record set of any block in the network accords with the block control condition, determining the block which accords with the block control condition as an abnormal block.
The specific steps of step 3 are as follows:
and 3.1, generating a new transaction record set tran-set 'according to the transaction record set tran-set of the abnormal block, transmitting the request modification content containing the transaction record set tran-set' in the network, and entering the step 3.2.
When any node (verification node or access node) finds that abnormal transaction records exist in the block, a new transaction record set tran-set 'is generated by modifying any transaction records in the abnormal block, and (tran-set', h, replay) is broadcast in the network as a modification request. Wherein h represents the hash value of the abnormal block, and the replay represents the reason and basis for requesting modification.
Step 3.2, the verification node receives the modification request content, judges whether the modification request content is legal or not according to the link control mechanism, and if the modification request content is legal, the step 3.3 is carried out; if not, the modification request content is discarded. And after receiving the modification request, the verification node judges whether the modification request is legal or not according to the block management and control conditions in the chain management and control mechanism defined in the created block.
Step 3.3, voting is carried out on all verification nodes according to the DBFT algorithm, and if all verification nodes can achieve consensus, the step 3.4 is carried out; if all verification nodes cannot agree, the modification request content is discarded. Since the DBFT algorithm supports a dynamic admission mechanism, the verification nodes with voting right are all from the node list. Namely: a new authentication node joining in real time may participate in a new round of authentication, with the authentication node that has been revoked having no voting authority.
And 3.4, all verification nodes participate in the calculation of the chameleon Hash algorithm Ghash together according to the grasped Hash threshold tk fragments, and the solution is marked as r', and the step 3.5 is carried out. Each verification node takes tk fragments obtained in a threshold secret sharing mode as input and participates in calculating the solution r' of the Gcol algorithm together, and the calculation formula is as follows:
r′=Gcol(tran set′||root′||timestamp′,tk,g)
wherein, the finally obtained r 'is a random value satisfying the Ghash algorithm, that is, r' can satisfy:
Ghash(tran set‖root‖timestamp,hk,r)=g=Ghash(tran set′||root′||timestamp′,hk′,r′)
therefore, the hash value of the modified block is not changed, and the content of the block is legally modified.
And 3.5, all the verification nodes take each transaction record in the transaction record set tran-set ' as a leaf node, calculate the root node root ' of the Merkle hash tree, search the corresponding target block on the permission chain according to the (r ', root '), and replace the (r, root, tran-set) in the target block with the new (r ', root ', tran-set '). Therefore, the modification of the abnormal block is completed, and any node can read the modified block content.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.
Claims (8)
1. A permission chain construction and management and control method based on chameleon hash function is characterized by comprising the following steps:
step 1, defining a chain management and control mechanism and initializing a permission chain according to the chain management mechanism;
the chain management and control mechanism comprises a block format and a block management and control condition, wherein the block format comprises a block head and a block body, and the block head comprises a version number version, a hash value pre-hash of a previous block, a random number nonce, a workload proof difficulty value complete, a timestamp, a Merkle hash tree root node root, a chameleon random number r and a chameleon hash value g; the block body comprises a transaction record set tran-set consisting of a plurality of transaction records;
in step 1, the specific steps of initializing the license chain are as follows:
step 1.1, selecting an anti-collision hash function H and a chameleon hash function G;
step 1.2, accessing nodes into the permission chain, and selecting partial nodes as verification nodes;
step 1.3, calculating according to a chameleon hash function G to obtain a hash key hk and a hash threshold tk, splitting the hash threshold tk into fragments according to the number of selected verification nodes, and mastering one fragment by all the verification nodes;
step 1.4, defining a CH-POW algorithm for calculating the hash value of the block according to the block format, the collision-resistant hash function H, the chameleon hash function G, the hash key hk and the hash limit tk;
the calculation formula of the CH-POW algorithm is as follows:
h=H(version||pre-hash||nonce||complex||Ghash(tran-set||root||timestamp,hk,r) );
the Ghash represents a chameleon Hash algorithm Ghash;
step 1.5, generating a creating block through a chain management and control mechanism, an anti-collision Hash function H, a chameleon Hash function G, CH-POW algorithm and a DBFT algorithm;
step 2, adding a new block into the permission chain;
and 3, monitoring the blocks in the permission chain according to a chain control mechanism, and controlling the blocks which do not conform to the chain control mechanism.
2. The method as claimed in claim 1, wherein the block management condition is a standard for distinguishing between normal blocks and abnormal blocks, and blocks meeting any requirement of the block management condition are marked as abnormal blocks; the block management condition includes: (1) related to national security and cyberspace security; (2) related to illegal discipline and terrorism; (3) significant privacy leaks about individuals or units; (4) about false or erroneous transactions; (5) errors due to human or machine errors.
3. The method as claimed in claim 1 or 2, wherein the chain management mechanism further includes a block management operation, and the method of the block management operation is: the DBFT algorithm is executed and manages the content within the exception block in conjunction with all verification nodes.
4. The method for constructing and managing the license chain based on the chameleon hash function according to claim 1, wherein the specific steps of the step 2 are as follows:
step 2.1, calculating a nonce value of the verification node according to a CH-POW algorithm;
step 2.2, according to the nonce value of any verification node, packaging the transaction records of the block in the network within a period of time to form a new block;
step 2.3, checking the correctness of the new block through the verification node, and if the check is passed, adding the new block to the tail part of the permission chain; if the check fails, the new block is discarded.
5. The method for constructing and managing the license chain based on the chameleon hash function as claimed in claim 1, wherein the chameleon hash function G comprises three sub-algorithms, respectively:
(1) the key generation algorithm: inputting a security parameter a, and outputting a hash key hk and a hash limit gate tk;
(2) chameleon hash algorithm: inputting a hash key hk, a random number r and a message m with any length, and outputting a color-changing hash value g;
(3) and (3) collision algorithm: inputting the color-changing hash value g, the hash limit gate tk and a message m 'with any length, and outputting a random number r'.
6. The method for constructing and managing the license chain based on the chameleon hash function according to claim 2 or 5, wherein the specific steps of the step 3 are as follows:
step 3.1, generating a new transaction record set tran-set 'according to the transaction record set tran-set of the abnormal block, transmitting the request modification content containing the transaction record set tran-set' in the network, and entering step 3.2;
step 3.2, the verification node receives the modification request content, judges whether the modification request content is legal or not according to the link control mechanism, and if the modification request content is legal, the step 3.3 is carried out; if not, discarding the modification request content;
step 3.3, voting is carried out on all verification nodes according to the DBFT algorithm, and if all verification nodes can achieve consensus, the step 3.4 is carried out; if all verification nodes can not achieve consensus, discarding the modification request content;
3.4, all verification nodes participate in the calculation of the chameleon hash function G together according to the grasped hash threshold tk fragments, and the solution is recorded as r', and the step 3.5 is carried out;
and 3.5, all verification nodes take each transaction record in the transaction record set tran-set ' as a leaf node, calculate the root node root ' of the Merkle hash tree, search a corresponding target block on the permission chain according to r ' and the root ', and replace a corresponding value in the abnormal block by using r ', the root ' and the tran-set '.
7. The claim 6 of a kind of permission chain construction and control side based on chameleon hash functionThe method is characterized in that the chain management and control mechanism further comprises management and control requirements, wherein the management and control requirements comprise that each transaction record in the modified transaction record set tran-set' needs to meet all the following requirements: (1) each transaction record is correct and credible; (2) each transaction record does not result in double flowers; (3) each transaction record does not cause the balance of the user account to be negative; (4) each transaction record 'in transaction record set tran-set'i(i is more than or equal to 1 and less than or equal to n) is input as a leaf node, and an output value root' obtained by calculating the Merkle hash tree is the same as a root value before modification; the management and control requirements further include that the modified block should satisfy each of the following requirements: (1) the permission chains remain consistent; (2) the parameters of the modified block must be correct.
8. The method for constructing and managing the license chain based on the chameleon hash function as claimed in claim 2, wherein the method for supervising the blocks in the license chain according to the chain management mechanism comprises: and writing a chain control mechanism into an intelligent contract, periodically checking whether blocks in the network accord with a block control condition or not by the intelligent contract, and if a certain transaction record in a transaction record set of any block in the network accords with the block control condition, determining the block which accords with the block control condition as an abnormal block.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810675840.6A CN108830602B (en) | 2018-06-27 | 2018-06-27 | Permission chain construction and management and control method based on chameleon hash function |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810675840.6A CN108830602B (en) | 2018-06-27 | 2018-06-27 | Permission chain construction and management and control method based on chameleon hash function |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108830602A CN108830602A (en) | 2018-11-16 |
| CN108830602B true CN108830602B (en) | 2022-03-29 |
Family
ID=64139025
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810675840.6A Active CN108830602B (en) | 2018-06-27 | 2018-06-27 | Permission chain construction and management and control method based on chameleon hash function |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108830602B (en) |
Families Citing this family (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109542577B (en) * | 2018-11-30 | 2022-05-06 | 北京小米移动软件有限公司 | Advertisement updating method and device and computer readable storage medium |
| CN109559123B (en) * | 2018-12-10 | 2021-10-29 | 深圳市小绿人网络信息技术有限公司 | Hybrid point-to-point network processing method |
| CN109547194B (en) * | 2018-12-11 | 2021-08-27 | 安徽大学 | Lattice-based chameleon hash function construction method |
| CN110020547A (en) * | 2019-01-31 | 2019-07-16 | 阿里巴巴集团控股有限公司 | A kind of data hiding method, device and equipment |
| CN110086599B (en) * | 2019-04-24 | 2021-01-08 | 电子科技大学 | Hash calculation method and signcryption method based on homomorphic chameleon Hash function |
| CN111966696B (en) * | 2019-05-20 | 2023-10-13 | 深圳市网安计算机安全检测技术有限公司 | Method, device and equipment for updating data in block chain |
| CN110377609B (en) * | 2019-06-17 | 2021-11-02 | 北京航空航天大学 | Intelligent contract dynamic deployment and evolution method and device based on block chain |
| CN110457297B (en) * | 2019-07-10 | 2022-02-15 | 北京航空航天大学 | Editable block chain system and method based on multi-authority attribute encryption |
| CN111211904B (en) * | 2019-12-13 | 2023-06-02 | 杭州复杂美科技有限公司 | Consensus method, device and storage medium |
| CN111147228B (en) * | 2019-12-28 | 2022-04-01 | 西安电子科技大学 | Ethernet IoT entity based lightweight authentication method, system and intelligent terminal |
| CN112054990B (en) * | 2020-07-21 | 2022-09-16 | 杜晓楠 | Method for preventing Hash flood attack in blockchain system, computer readable medium and blockchain system |
| CN111753335B (en) * | 2020-08-28 | 2023-09-01 | 支付宝(杭州)信息技术有限公司 | Editing method and device for block content |
| CN112272092B (en) * | 2020-08-30 | 2021-07-27 | 河南大学 | Data editing method applied to block chain |
| CN112468302A (en) * | 2020-10-23 | 2021-03-09 | 湖南天河国云科技有限公司 | Editable blockchain based on verifiable multiparty secret sharing |
| CN112070501B (en) * | 2020-11-10 | 2021-03-02 | 支付宝(杭州)信息技术有限公司 | Block chain transaction initiating and verifying method and system |
| CN112307513B (en) * | 2020-11-23 | 2022-09-30 | 从法信息科技有限公司 | Uplink document security management method and device based on time domain consensus and electronic equipment |
| CN113794556B (en) * | 2021-09-10 | 2023-05-23 | 福建师范大学 | PCH revocable method and system for collectable blockchain protocol |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105978696A (en) * | 2016-05-09 | 2016-09-28 | 北京航空航天大学 | Revocable quick data outsourcing packaging method and device |
| CN106878000A (en) * | 2017-03-06 | 2017-06-20 | 中钞信用卡产业发展有限公司北京智能卡技术研究院 | A kind of alliance's chain common recognition method and system |
| WO2017145004A1 (en) * | 2016-02-23 | 2017-08-31 | nChain Holdings Limited | Universal tokenisation system for blockchain-based cryptocurrencies |
| CN107563754A (en) * | 2017-08-17 | 2018-01-09 | 杭州云象网络技术有限公司 | A kind of storage of serial number information and verification method based on block chain |
| CN107819583A (en) * | 2016-09-13 | 2018-03-20 | 渡边浩志 | The anti-abuse technology of key |
| CN108009778A (en) * | 2017-12-25 | 2018-05-08 | 南京思利华信息科技有限公司 | A kind of supply chain management method |
| CN108111312A (en) * | 2017-12-28 | 2018-06-01 | 电子科技大学 | A kind of intelligent terminal safety communicating method based on block chain |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9967088B2 (en) * | 2016-05-23 | 2018-05-08 | Accenture Global Solutions Limited | Rewritable blockchain |
-
2018
- 2018-06-27 CN CN201810675840.6A patent/CN108830602B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017145004A1 (en) * | 2016-02-23 | 2017-08-31 | nChain Holdings Limited | Universal tokenisation system for blockchain-based cryptocurrencies |
| CN105978696A (en) * | 2016-05-09 | 2016-09-28 | 北京航空航天大学 | Revocable quick data outsourcing packaging method and device |
| CN107819583A (en) * | 2016-09-13 | 2018-03-20 | 渡边浩志 | The anti-abuse technology of key |
| CN106878000A (en) * | 2017-03-06 | 2017-06-20 | 中钞信用卡产业发展有限公司北京智能卡技术研究院 | A kind of alliance's chain common recognition method and system |
| CN107563754A (en) * | 2017-08-17 | 2018-01-09 | 杭州云象网络技术有限公司 | A kind of storage of serial number information and verification method based on block chain |
| CN108009778A (en) * | 2017-12-25 | 2018-05-08 | 南京思利华信息科技有限公司 | A kind of supply chain management method |
| CN108111312A (en) * | 2017-12-28 | 2018-06-01 | 电子科技大学 | A kind of intelligent terminal safety communicating method based on block chain |
Non-Patent Citations (3)
| Title |
|---|
| PoW挖矿算法原理;lengxue789;《https://blog.csdn.net/lengxue789/article/details/79998866》;20180418;1-6 * |
| Redactable Blockchain or Rewriting History in Bitcoin and Friends;Giuseppe Ateniese et al.;《2017 IEEE European Symposium on Security and Privacy》;20170703;111-126 * |
| 大数据产业化中的核心安全;张小松 等;《信息安全研究》;20151231;第1卷(第3期);205-210 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108830602A (en) | 2018-11-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108830602B (en) | Permission chain construction and management and control method based on chameleon hash function | |
| US20220366401A1 (en) | Rapid distributed consensus on blockchain | |
| CN109583885B (en) | Round control of rewritable block chains | |
| US11799637B2 (en) | Methods and systems for blockchain-implemented event-lock encryption | |
| Stokkink et al. | Deployment of a blockchain-based self-sovereign identity | |
| Hanifatunnisa et al. | Blockchain based e-voting recording system design | |
| CN109194708B (en) | Distributed storage system based on block chain technology and identity authentication method thereof | |
| US11301361B2 (en) | Sidechain testing system and method for improving security and stability of a smart contract by generating sidechains having mirror image accounts of part or all mainchain assets | |
| CN108009917B (en) | Transaction verification and registration method and system for digital currency | |
| CN109417478B (en) | Multi-link cipher logical block chain | |
| US20200067697A1 (en) | Method for operating a blockchain | |
| AU2018202830A1 (en) | Digital Asset Platform | |
| Lee et al. | Modifiable public blockchains using truncated hashing and sidechains | |
| CN111988290B (en) | Transaction deletion method and system under user balance privacy protection and authorization supervision | |
| CN109428892B (en) | Multi-stage rewritable block chain | |
| Jia et al. | Redactable blockchain supporting supervision and self-management | |
| CN111639935A (en) | Account book modification method applicable to editable block chain | |
| Cheng et al. | Polynomial-based modifiable blockchain structure for removing fraud transactions | |
| CN112241919A (en) | Multi-domain blockchain network with data flow control | |
| Gayvoronskaya et al. | Blockchain | |
| Konashevych | Cross-blockchain protocol for public registries | |
| JP2023548572A (en) | Storing sensitive data on the blockchain | |
| CN114169888B (en) | Universal type cryptocurrency custody method supporting multiple signatures | |
| Anwar et al. | A Comprehensive Insight into Blockchain Technology: Past Development, Present Impact and Future Considerations | |
| NL2027048B1 (en) | Methods, systems and networks for recovering distributed databases, and computer program products, data carrying media and non-transitory tangible data storage media with computer programs and/or databases stored thereon useful in recovering a distributed database. |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |